Cisco Nexus 9000 ACI Mode SNMP DoS Vulnerability (CVE-2026-20048)

Key Information Vulnerability Overview: Vulnerability Name: Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability Severity: High CIS ID: cisco-sa-nxos-dsnmp-cNN39Uh CVE ID: CVE-2026-20048 CWE ID: CWE-789 Affected Products: Cisco Nexus 9000 Series Fabric Switches in ACI mode under specific conditions: - SNMP functionality is enabled. - At least one AAA provider is configured to use a DNS name instead of an IPv4 address. Vulnerability Details: A vulnerability in the Simple Network Management Protocol (SNMP) subsystem could allow an authenticated remote attacker to cause a denial of service (DoS) condition on an affected device. An attacker exploits this vulnerability by continuously sending SNMP queries to a specific MIB on the affected device, which may lead to a kernel panic and device reload. Exploitation via SNMPv1 or SNMPv2c requires a valid read-only SNMP community string, while exploitation via SNMPv3 requires valid SNMP user credentials. Mitigation: Cisco has released software updates to address this vulnerability. A workaround is available for AAA providers configured with IPv4 DNS names; however, no workaround exists for IPv6 configurations. Fixed Software: Cisco recommends that customers upgrade to the fixed software versions indicated in this advisory to fully remediate this vulnerability. Specific versions of Cisco NX-OS Software and instructions on how to verify them are provided. Additional Information: The vulnerability was discovered during the resolution of a Cisco TAC support case. Details regarding the vulnerability, public advisories, and the source of the vulnerability are available.

Goal Reached Thanks to every supporter — we hit 100%!

Cisco Nexus 9000 ACI Mode SNMP DoS Vulnerability (CVE-2026-20048)